Feature Requests - Page 21 - Burp Suite User Forum

Sub Tabs

Iv been using quite a few extensions on burp pro, and the tabs can overwhelming. Can we get a feature to organize the tabs? maybe a sub-tab of the extensions?

Application Wide Command Palette

There are so many settings and options in BurpSuite Pro, when doing a job I'm constantly having to search through the tabbed menus and sub-menus looking for a specific setting which takes up a lot of valuable time. A very...

Intruder Position

Can u plz give ability to name chosen position in a pop-up window, so that later on i would be able to choose position not by number, but by name? Better yet, do it like its made in fuzzer in OWASP ZAP - color coded...

Solutions of the labs

Hello! May I upload my video solutions of the labs of the Academy on the Internet (social networks, Youtube etc)?

Scanned URLs (sitemaps) for Single Page web Application (SPA)

Hi. I'm evaluating Burp Enterprise as a tool to scan Single Page web Applications (SPA). We cannot see any dynamic URLs in Scanned URLs tab in the scan result when the target application uses a router(e.g., Vue Router,...

Saving Repeater data to project files

One of our largest customers wants our consultants to submit Burp project files logging all project-related traffic to them after each pentest so that they can audit us. This is currently difficult as while Burp’s project...

customDnsRecords : More record types

At the moment when running a private collaborator server, you can only use TXT and CNAME records in customDnsRecords. Is there a reason we can't set all DNS record types or at least the most common ones: A (Host...

Better streaming support

I've noticed that streaming responses do not appear in the history and active scans do not work either because Burp thinks they timeout. Can you please improve the support for streaming responses? Thank you!

non-pausing

Hello dear friends, I want to set up my scans without pausing. So. How can I do this? And if this is an issue ok, let's fix it ;) KR

Cannot open the labs

Apologies, the lab could not be started in a timely manner. Please try again or contact us if the problem persists.

Filter for HTTP verbs in search

Hi guys! I was thinking that it might be useful to be able to filter searches for HTTP verbs (e.g., only POST, only GET, etc.). Thanks!

Switch to another language

It's too difficult for new people, it needs to change languages.and have debug send you email.

OWASP Top Ten 2021

Hi, is there or when will there be up to date documentation on burps capabilities of testing against the new OWASP Top 10 2021?

Tab Management - Vertical or Horizontal scrollable pane for Intruder/Repeater tabs

Hello, Like Inspector, I think Burp Intruder/Repeater Tabs should present themselves as Rows in a customizable, vertical or horizontal pane. Tabs seem a bit archaic in terms of presentation and don't fit with the up and...

Tool for creating Burp Scanner Checks

Hello, I believe it would be create to have built-in functionality similar to Burp Bounty which allows for users with the Pro version to make their own Scanner checks, based off: * Grep strings * Delays *...

"Allow HTTP/2 ALPN override" Feature

I'm currently trying to solve labs under http request smuggling. There are four labs in that section that requires one to enable the "Allow HTTP/2 ALPN override" feature which is only available in Burp Suite Professional /...

private Burp Collaborator customDnsRecords: dns rebinding

I am unaware of private Burp Collaborator having this function (happy for someone to point me in the right direction if I missed it). I think it could be really useful if using customDnsRecords, it was possible to set up...

I have not received my email yet on using the free trial for the professional edition of Burp Suite

My name is: Patrick Vicedomine My email is: Patrick.Vicedomine@WoltersKluwer.com On March 2nd, 2022. I followed the process for trying out the Professional version of Burp Suite for a free trial. I was told that I...

Add checks for php:// filter

Would be really nice if the scanner checks for php:// filter requests. Example request: http://xqi.cc/index.php?m=php://filter/convert.base64-encode/resource=index

FTP

Does portswigger have any tutorial about FTP attacks or vulernablities?